Info on aggressive-nsec in stats and unbound-control

Roland van Rijswijk-Deij roland.vanrijswijk at
Thu Mar 29 12:17:45 UTC 2018

Hi Ralph,

Ralph Dolmans via Unbound-users wrote:
>> We deployed Unbound 1.7.0 on one of our production servers yesterday,
>> and I have two questions regarding the aggressive-nsec feature:
>> 1. It seems that unbound-control cannot tell me whether the option is
>> enabled (we enabled it explicitly in the configuration):
>> # unbound-control get_option aggressive-nsec
>> error unknown option
>> Am I doing something wrong, or is this something that might need fixing?
> That indeed needed fixing, which just happened.


>> 2. It would be nice to have a metric in the extended statistics that
>> tallies how many times aggressive-nsec was used to produce an NXDOMAIN
>> response, is that possible?
> Thanks for the suggestion. That sounds like a good idea which I will
> happily implement.

Cool, send me a mail off list if you need me to test this for you.



-- Roland M. van Rijswijk-Deij
-- SURFnet bv
-- w:
-- e: roland.vanrijswijk at

More information about the Unbound-users mailing list